ironhide 1.1.0

Tool to easily encrypt and decrypt files to users and groups. Similar to GPG, but usable at scale.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

use std::path::PathBuf;

use clap::Parser;
use ironoxide::{
    IronOxideErr,
    group::GroupAccessEditResult,
    prelude::{BlockingIronOxide, GroupId, GroupName, UserId},
};
use itertools::Either;

use crate::{
    group_maps::{self, convert_group_names_to_ids},
    util,
};

const EXAMPLE: &str = "EXAMPLE

    $ ironhide group remove-member -u test@example.com,test2@example.com myGroup

";

#[derive(Parser)]
/// Remove members from a group given their email address.
#[clap(after_help = EXAMPLE)]
pub struct RemoveMember {
    /// Name of the group. Can alternately refer to a group by ID. Indicate IDs by prefixing with 'id^' e.g. 'id^groupID'.
    #[clap(value_parser = util::group_identifier_from_string)]
    group: Either<GroupName, GroupId>,
    /// Path to location of file which contains keys to use for this operation. Overrides using default key file from
    /// '~/.iron' directory.
    #[clap(value_parser = clap::value_parser!(PathBuf), short, long)]
    keyfile: Option<PathBuf>,
    /// Remove member permissions from the comma-separated list of user emails.
    #[clap(value_parser = util::try_from_email, short, long, use_value_delimiter = true, value_delimiter = ',', required = true)]
    users: Vec<UserId>,
}

impl util::GetKeyfile for RemoveMember {
    fn get_keyfile(&self) -> Option<&PathBuf> {
        self.keyfile.as_ref()
    }
}

pub fn group_remove_members(
    sdk: &BlockingIronOxide,
    RemoveMember { group, users, .. }: RemoveMember,
) -> Result<(), String> {
    let (groups_by_name, _) = group_maps::get_group_maps(sdk);
    let group_id = convert_group_names_to_ids(&[group], &groups_by_name)
        .first()
        .cloned()
        .expect("Group doesn't have an ID.");

    let removed_members = sdk.group_remove_members(&group_id, &users);
    let table = build_result_table(removed_members);
    table.printstd();

    Ok(())
}

fn build_result_table(
    remove_member_results: Result<GroupAccessEditResult, IronOxideErr>,
) -> prettytable::Table {
    let mut table = table!([Fbb->"User", Fbb->"Result"]);

    match remove_member_results {
        Ok(results) => {
            for succeeded_id in results.succeeded() {
                table.add_row(row![
                    Fw -> succeeded_id.id(),
                    Fg -> format!("{}", "✔ Removed as member"),
                ]);
            }
            for failure in results.failed() {
                table.add_row(row![
                    Fw -> failure.user().id(),
                    Fr -> failure.error(),
                ]);
            }
        }
        Err(e) => {
            table.add_row(
                row![Fw -> "ALL", Fr -> format!("Removing members failed catastrophically: {}", e)],
            );
        }
    }

    table
}